05-09-2011, 02:51 PM
(05-09-2011, 07:10 AM)toast Wrote:(05-09-2011, 03:28 AM)noob007 Wrote:(05-09-2011, 03:26 AM)toast Wrote:(05-09-2011, 02:33 AM)noob007 Wrote:(05-09-2011, 02:27 AM)toast Wrote: Your signature code has XSS vulnerabilities
Erm, no.
kinda yeah if you were able to change the signature variable youd be able to put html code in
But PHP scripts are only server-side. A client can't change them.
What if there was a form (that you make) where you could change your signature and it'd change the value of the variable?
Then it would change the signature because that's what it's supposed to do...